LV Ransomware

LV ransomware has its code structure based on the structure of the REvil Sodinokibi ransomware, which was the tormentor of numerous companies after a wave of attacks in the United States.

After those attacks, the REvil group ceased its activities because of the attention its attacks received from the US government. It is unclear whether the group passed its code structure to GOLD NORTHFIELD, the group controlling the LV ransomware, or whether the group managed to break the malware’s code and adapted it for their group.

The emergence of a group like GOLD NORTHFIELD is concerning because, it shows a much larger organisation than ransomware groups.

Like other ransomware groups, LV ransomware uses the RaaS (Ransomware as a Service) tactic, which is to attract affiliates to do the attacks, thus making the attacks spread easier and wider.

In addition to RaaS the LV ransomware relies on two active sites for leaking the hijacked data, this is a tactic that has become common.

The biggest weapon cybercriminals have is fear and ignorance of alternative ways to recover data, using threats to make the victim see no other way but to pay the ransom. Even though the victim does not have absolute certainty that the files will be returned intact,nor that in the future the data will not be leaked.

In the ransom note the group leaves on the victim’s system, we can notice a line with several threats and a proud tone that without them their data will not be recovered. Remember: they use misinformation as a weapon to generate fear in the victims.

Even without the decryption key recovery is possible and Digital Recovery specializes in this.

Recover data encrypted by LV ransomware

Over the years and with the massive increase in ransomware attacks around the world, a race to develop technologies capable of recovering encrypted data has begun. And in this race, Digital Recovery stood out and today has the technology needed to recover data encrypted by any ransomware extension and on any storage device.

The knowledge and ability to develop technologies are our greatest differentials, in addition to personalized service and the monitoring of an expert from the first contact of the client until the end of the process.

All our processes were made to adapt to the real needs of each client, all these processes are in accordance with European General Data Protection Regulation (GDPR) and also have the confidentiality agreement (NDA), if the client chooses to develop its own contract we are open to analyze and accept if accepted by our legal sector.

In our portfolio we have the remote recovery, this type of recovery can be done in almost any storage device, check the conditions with our experts.

We also offer emergency recovery, so our labs work 24×7 so that the process is done as quickly as possible.

Count on Digital Recovery’s experience to recover your encrypted files.

We are
always online

Please fill out the form, or select your preferred contact method. We will contact you to start recovering your files.

Latest insights from our experts


RAID 6 system

The RAID 6 system is a type of Redundant Array of Independent Disks (RAID) that offers enhanced data protection using double parity. This means that


Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.

Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery